Weird IPsec connection problems

Hi,

We have a RouterBOARD 2011LS-IN which is using two IPsec tunnels. One goes to another Mikrotik router, and the other to a Unix-based server…

The other Mikrotik has 15+ running IPsec connections, the Unix server has three… without any problems.

The problem is that, over time, if there is network loss or some other cause and the IPsec connection disconnects, it won’t reconnect. Even if I reconnect it manually (flush installed-sa, kill connections, even disable the policy, peer, etc., then re-enable them), it does not work. IPsec connects quickly, it stores the keys in installed-sa, everything is perfect, and yet there is no data transfer between the sites at all… (no ICMP, no TCP, nor UDP connections through the tunnel…)

Even if I recreate the connections, it does not work, but after about 5-6 hours, it just becomes OK… no ping loss, no errors, works nicely for weeks… until it disconnects again…

This issue can be noticed with the UNIX server and with the other Mikrotik too… I don’t know if it is being repaired at once, but I assume it is not. Temporarily we’re running an L2TP tunnel on the UNIX side instead, as we need a stable connection for that…

It’s really strange, as we are managing 100+ IPsec tunnels around, even in a lot more complicated infrastructures, and we don’t have any issues with them, just with this router… and yes, we’ve upgraded to the latest version of RouterOS… it’s currently running 5.25

Thanks for the help in advance,

Peter